ELBv1 load balancer access logging should be enabled


ELB access logs record information about every HTTP and TCP request a load balancer processes. ELB access logging should be enabled in order to analyze statistics, diagnose issues, and retain data for regulatory or legal purposes.

Console Remediation Steps

  • Navigate to EC2.

  • In the navigation pane, choose Load Balancers.

  • Select your load balancer.

  • On the Description tab, choose Edit attributes.

  • On the Edit load balancer attributes page, Choose Configure access logs.

  • Check Enable Access Logs.

  • Provide a name for your S3 bucket and check Create this location for me.

  • Click Save.

CLI Remediation Steps

  • To enable access logs for your load balancer:

    • aws elb modify-load-balancer-attributes --load-balancer-name <my-loadbalancer> --load-balancer-attributes file://my-json-file.json